Processing of personal data

Sormet näppäilevät näppäimistöä.
The EU General Data Protection Regulation (GDPR) came into force on 25 May 2018. The basic principles of personal data processing and the rights of data subjects remain largely unchanged. For example, individuals will continue to have the right to inspect their personal data and to request the rectification of inaccurate data and the deletion of unnecessary data.

City customer’s rights to register data 

The City collects personal data from customers to the extent necessary to provide the service. With respect to the information collected in the register, a data subject has the right to know what information is being collected about them. If the information is incorrect, the customer may request that it be corrected. 
The processing of personal data by the City’s services is mainly based on the implementation of the City’s statutory obligation or the exercise of public powers vested in a public authority. Where the processing of personal data is based on consent, the data subject has the right to withdraw their consent at any time. 
The data are collected in different registers according to the purposes for which they are used. The registers have privacy statements, which can be found below on this page. 
The privacy statements indicate who the controller is and who the contact person for the register is. The privacy statement also contains the purposes for which the data are processed and other necessary information. 

Request for information – e-services 

Information about data protection, laws and regulations 

Informing the data subject 

The EU General Data Protection Regulation (EU 679/2016) requires data controllers to inform data subjects about the purposes and means of processing personal data, i.e. what personal data are stored in the registers, how the data are processed, where they may be disclosed and for how long they are stored. The information also provides the data subject with information about their rights and of the party they can contact in order to exercise those rights. The EU General Data Protection Regulation is supplemented by the National Data Protection Act (1050/2018). 

The services provided by the City of Kuopio are mainly based on the provision of services required by legislation and services that the City has taken on itself to organise. In connection with the provision of these services, personal data that constitute personal data registers are processed. 

The City of Kuopio, as the controller, uses a privacy statement to provide information in accordance with the GDPR. The official responsible for the personal register is also responsible for ensuring that the privacy statement is accurate and up-to-date. 

Privacy statements until 26 September 2022 (ELKO and KYP) and until 7 November 2022 (KOP ja HEP) 

Privacy statements (ELKO and KYP from 27 September 2022, KOP and HEP from 8 November 2022) 

Contact information of the Data protection officer 

Data protection officer 

+358 44 718 2854